[Webkit-unassigned] [Bug 124744] New: [ASAN] Use manual poisoning of mmap'ed regions in WTF and JavaScriptCore
bugzilla-daemon at webkit.org
Thu Nov 21 13:59:26 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=124744
Summary: [ASAN] Use manual poisoning of mmap'ed regions in WTF and JavaScriptCore
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh
OS/Version: Mac OS X 10.9
Status: NEW
Severity: Enhancement
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: dfarler at apple.com
The Address Sanitizer is likely ignoring JavaScriptCore's allocated regions since we are using mmap directly. In order to get the real benefits of ASan in JSC, we're probably going to need to manually poison/un-poison allocations in WTF. This will need the following:
- Conditional macro defines on __has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
- Conditional include of compiler-rt's sanitizer/asan_interface.h in order to get __asan_poison_memory_region and __asan_unpoison_memory_region
- Simple macros for poisoning / unpoisoning regions that include the above conditional
An example usage would be something like this from the wiki:
#if __has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
/* Only pulled in under ASan: declares __asan_poison_memory_region and
   __asan_unpoison_memory_region (compiler-rt). */
#include <sanitizer/asan_interface.h>
#define ASAN_POISON_MEMORY_REGION(addr, size) \
    __asan_poison_memory_region((addr), (size))
#define ASAN_UNPOISON_MEMORY_REGION(addr, size) \
    __asan_unpoison_memory_region((addr), (size))
#else
/* Non-ASan builds: evaluate the arguments and do nothing, so callers
   compile identically with or without the sanitizer. */
#define ASAN_POISON_MEMORY_REGION(addr, size) \
    ((void)(addr), (void)(size))
#define ASAN_UNPOISON_MEMORY_REGION(addr, size) \
    ((void)(addr), (void)(size))
#endif
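To show where those calls would sit in an mmap-backed allocator of the kind the report describes, here is an added example (not WebKit code, and not from the bug): a minimal bump allocator over a single mmap'ed region. The Arena type and the arena_* functions are hypothetical; the macros are the ones from the wiki snippet above, plus a guard for compilers that lack __has_feature.

```c
/* Added example (not WebKit code): bump allocator over an mmap'ed region with ASan manual poisoning. */
#define _DEFAULT_SOURCE 1 /* for MAP_ANONYMOUS under strict glibc feature macros */
#include <stddef.h>
#include <stdint.h>
#include <sys/mman.h>

#ifndef __has_feature
#define __has_feature(x) 0 /* GCC lacks __has_feature but defines __SANITIZE_ADDRESS__ */
#endif
#if __has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
#include <sanitizer/asan_interface.h>
#define ASAN_POISON_MEMORY_REGION(a, s) __asan_poison_memory_region((a), (s))
#define ASAN_UNPOISON_MEMORY_REGION(a, s) __asan_unpoison_memory_region((a), (s))
#else /* no-op fallback: builds and behaves identically without ASan */
#define ASAN_POISON_MEMORY_REGION(a, s) ((void)(a), (void)(s))
#define ASAN_UNPOISON_MEMORY_REGION(a, s) ((void)(a), (void)(s))
#endif

typedef struct { uint8_t *base; size_t size, used; } Arena; /* hypothetical allocator state */

/* Map and poison everything: ASan then flags any touch of bytes not yet handed out. */
int arena_init(Arena *a, size_t size) {
    void *p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    a->base = p; a->size = size; a->used = 0;
    ASAN_POISON_MEMORY_REGION(a->base, a->size);
    return 0;
}

/* Round to ASan's 8-byte shadow granularity, then unpoison exactly the chunk handed out. */
void *arena_alloc(Arena *a, size_t n) {
    size_t rounded = (n + 7) & ~(size_t)7;
    if (rounded > a->size - a->used) return NULL;
    uint8_t *p = a->base + a->used;
    a->used += rounded;
    ASAN_UNPOISON_MEMORY_REGION(p, rounded);
    return p;
}

/* Free path: re-poison so a stale pointer into the arena is caught on its next use. */
void arena_reset(Arena *a) { ASAN_POISON_MEMORY_REGION(a->base, a->size); a->used = 0; }

/* Unpoison before munmap so stale shadow does not taint a later mapping at the same address. */
int arena_destroy(Arena *a) {
    ASAN_UNPOISON_MEMORY_REGION(a->base, a->size);
    int rc = munmap(a->base, a->size);
    a->base = NULL; a->size = a->used = 0;
    return rc;
}
```

Build once with and once without -fsanitize=address: the layout and return values are identical in both, and only the ASan build reports a read of an unallocated or reset byte.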